CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-30100 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30100
11 Jun 2024 — Microsoft SharePoint Server Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft SharePoint Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30100 • CWE-426: Untrusted Search Path •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 0CVE-2024-30097 – Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30097
11 Jun 2024 — Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de la interfaz de programación de aplicaciones de voz (SAPI) de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30097 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-30095 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30095
11 Jun 2024 — Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del Servicio de enrutamiento y acceso remoto de Windows (RRAS) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30095 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30094 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30094
11 Jun 2024 — Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del Servicio de enrutamiento y acceso remoto de Windows (RRAS) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30094 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2024-30089 – Microsoft Streaming Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30089
11 Jun 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Microsoft Kernel Streaming Server driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30089 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 7CVE-2024-30088 – Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
https://notcve.org/view.php?id=CVE-2024-30088
11 Jun 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of NtQueryInformationToken. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://packetstorm.news/files/id/179642 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30087 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30087
11 Jun 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30087 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-30086 – Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30086
11 Jun 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within DirectComposition. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30086 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 2CVE-2024-30085 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30085
11 Jun 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cldflt kernel driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://github.com/Adamkadaban/CVE-2024-30085 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30084 – Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30084
11 Jun 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the UnserializePropertySet function in the ks.sys driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30084 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •